OpenStack Compute (Nova)

On XenServer the DomU firewall driver fails with NotImplementedError

Reported by John Garbutt on 2012-01-30
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Undecided
Armando Migliaccio

Bug Description

If you run with the default flag in devstack:
--firewall_driver=nova.virt.firewall.IptablesFirewallDriver

When trying to launch an instance you get the following error:
(nova.rpc): TRACE: File "/opt/stack/nova/nova/virt/xenapi/vmops.py", line 223, in spawn
(nova.rpc): TRACE: network_info)
(nova.rpc): TRACE: File "/opt/stack/nova/nova/virt/firewall.py", line 133, in prepare_instance_filter
(nova.rpc): TRACE: self.refresh_provider_fw_rules()
(nova.rpc): TRACE: File "/opt/stack/nova/nova/virt/firewall.py", line 361, in refresh_provider_fw_rules
(nova.rpc): TRACE: self._do_refresh_provider_fw_rules()
(nova.rpc): TRACE: File "/opt/stack/nova/nova/utils.py", line 844, in inner
(nova.rpc): TRACE: retval = f(*args, **kwargs)
(nova.rpc): TRACE: File "/opt/stack/nova/nova/virt/firewall.py", line 368, in _do_refresh_provider_fw_rules
(nova.rpc): TRACE: self._build_provider_fw_rules()
(nova.rpc): TRACE: File "/opt/stack/nova/nova/virt/firewall.py", line 381, in _build_provider_fw_rules
(nova.rpc): TRACE: ipv4_rules, ipv6_rules = self._provider_rules()
(nova.rpc): TRACE: File "/opt/stack/nova/nova/virt/firewall.py", line 392, in _provider_rules
(nova.rpc): TRACE: raise NotImplementedError()
(nova.rpc): TRACE: NotImplementedError

Everything works if you use the Dom0 driver, using the following flag:
--firewall_driver=nova.virt.xenapi.firewall.Dom0IptablesFirewallDriver

However, I think it should really be able to work with the other firewall driver too.

Changed in nova:
assignee: nobody → Armando Migliaccio (armando-migliaccio)
status: New → Confirmed

Fix proposed to branch: master
Review: https://review.openstack.org/3580

Changed in nova:
status: Confirmed → In Progress

Reviewed: https://review.openstack.org/3580
Committed: http://github.com/openstack/nova/commit/e08912439e00909c791f6787cce51329b0836901
Submitter: Jenkins
Branch: master

commit e08912439e00909c791f6787cce51329b0836901
Author: Armando Migliaccio <email address hidden>
Date: Tue Jan 31 15:35:44 2012 +0000

    bug 923798: On XenServer the DomU firewall driver fails with NotImplementedError

    Move _provider_rules in the base class. This should be enough to deal with most
    distros on which a domU is based on.

    Change-Id: I738116c5f330c2493c62d8f1f3da39abb3c3ad11

Changed in nova:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2012-02-29
Changed in nova:
milestone: none → essex-4
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2012-04-05
Changed in nova:
milestone: essex-4 → 2012.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers